Ultimate Widgets Light

Vulnerabilities 7Slug ultimate-widgets-lightLatest version 1.5.9.4WordPress.org →Closed
Medium 6.3 Unfixed Closed
2024-10-16≤ 1.5.9.4

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE
N/A Unfixed Closed
2023-07-18≤ 1.5.9.4

WordPress Ultimate Widgets Light Plugin <= 1.5.9.4 is vulnerable to Cross Site Scripting (XSS)

PatchstackWPScanCVE
N/A Unfixed Closed
2019-02-25≤ 1.5.9.4

Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update

Wordfence
N/A Unfixed Closed
2022-03-04≤ 1.5.9.4

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence
N/A Unfixed Closed
≤ 1.5.9.4

Freemius Library &lt; 2.2.4 - Subscriber+ Arbitrary Option Update

WPScan
N/A Unfixed Closed
2022-02-28≤ 1.5.9

WordPress Ultimate Widgets Light plugin <= 1.5.9.4 - Sensitive Information Disclosure vulnerability

Patchstack
N/A Unfixed Closed
2022-02-28≤ 1.5.9

WordPress Ultimate Widgets Light plugin <= 1.5.9.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack